Use this when the user wants a reusable, HOSTED image URL — an og:image or a link to embed in an <img> tag — rather than the image bytes. Do NOT use for a one-off inline screenshot (use rendex_screenshot). Renders a URL, raw HTML, or Markdown and gives back a signed, hosted, edge-cached image URL...
AI agents invoke rendex_render_link to trigger actions in Rendex Screenshot. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
| Parameter | Type | Required | Description |
|---|---|---|---|
js | string | — | Custom JavaScript to execute in the page before capture. Runs in the browser sandbox. Max 50KB. |
css | string | — | Custom CSS to inject into the page before capture. Hide cookie banners, add watermarks, override styles. Max 50KB. |
geo | string | — | ISO 3166-1 alpha-2 country code for geo-targeted capture (e.g., 'US', 'DE', 'JP'). Renders the page as seen from that country. Pro/Enterprise only. Note: CSS/JS |
url | string | — | The webpage URL to capture (a schemeless host like 'example.com' is accepted). Mutually exclusive with 'html' and 'markdown'. |
data | object | — | Key-value data object for Mustache templating. When provided, the 'html' or 'markdown' string is rendered as a logic-less Mustache template before capture — {{v |
html | string | — | Raw HTML to render and capture. Mutually exclusive with 'url' and 'markdown'. Great for invoices, social cards, email templates, OG images. |
delay | integer | — | Milliseconds to wait after page load before capture (useful for JS-rendered content) |
width | integer | — | Viewport width in pixels (320-3840) |
device | string | — | Device preset that sets viewport, scale factor, and user agent in one shot. E.g. 'iphone_15' for a mobile screenshot. Overrides width/height/deviceScaleFactor/u |
format | string | — | Output format — png (lossless), jpeg (smaller), webp (smallest), or pdf (document). Use pdf for invoices, reports, archival. |
height | integer | — | Viewport height in pixels (240-2160) |
cookies | array | — | Cookies to set before capture. Useful for authenticated pages. Max 50 cookies. |
Parameters from the server's own tool schema.
This tool triggers an external operation (rendering and hosting an image) on a remote service, producing a persistent hosted artifact. It is not a simple read/query, nor does it delete data. The 'execute' category fits best because it runs an external process with side effects (hosting a cached image at a URL).
From the tool's definition Renders a URL, raw HTML, or Markdown and gives back a signed, hosted, edge-cached image URL — triggers an external rendering operation and hosts the result on Rendex infrastructure. 'Costs 1 render'
Risk signalsAccepts freeform code/query input (js) · Accepts file system path (cookies[].path) · Accepts URL/endpoint input (url) · Accepts raw HTML/template content (html) · High parameter count (50 properties) · Bulk/mass operation — affects multiple targets
Attacks that exploit this kind of access
Use this when the user wants a reusable, HOSTED image URL — an og:image or a link to embed in an <img> tag — rather than the image bytes. Do NOT use for a one-off inline screenshot (use rendex_screenshot). Renders a URL, raw HTML, or Markdown and gives back a signed, hosted, edge-cached image URL instead of the bytes — ideal for dynamic OG images: drop the URL into <meta property="og:image"> or an <img> tag and Rendex serves a cached copy on every share. Takes the same options as rendex_screenshot, plus an optional expiresIn. Returns { url, expiresAt, format, cacheTtl } as JSON. Costs 1 render credit per fresh render; cached repeat hits don't re-charge. It is categorised as a Execute tool in the Rendex Screenshot MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
rendex_render_link accepts 12 parameters: js, css, geo, url, data, html, delay, width, device, format, height, cookies. The full parameter table on this page comes from the server's own tool schema.
Register the Rendex Screenshot MCP server in PolicyLayer and add a rule for rendex_render_link: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Rendex Screenshot. Nothing to install.
rendex_render_link is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the rendex_render_link rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for rendex_render_link. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
rendex_render_link is provided by the Rendex Screenshot MCP server (copperline-labs/rendex-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →